Jump to content

Archived

This topic is now archived and is closed to further replies.

Roberto

VPN and/or Bonjour tunneling

Recommended Posts

Roberto

Would be nice to have a mac (maybe windows too) app that will connect to the agent and, trough an encrypted communication, tunnel bonjour services so dedicated app can remotely control/manage devices on the network. (see old SLINK app)

Share this post


Link to post
Share on other sites
SpivR

I have been using a Mac Mini running maOS L2TP VPN tunnel.  It has worked well, but I want to migrate to OpenVPN which is more secure and robust.  Unfortunately, the built-in VPN support in macOS is only L2TP and PPTP. (Anyone doing VPN's knows that PPTP is not secure and should never be used any more).

 

I also have been looking to replace the Mac Mini with a more appliance-like, lower cost solution that is easier to install in client/remote locations.

 

I just found the pfSense firewall/VPN appliance which is only $150.  It is an ARM based device and runs a very robust linux-based firewall/router/VPN server. It also supports traffic shaping (QoS), so I am considering it as the primarily remote site router and using existing Wi-Fi router/WLAN devices in bridge-only mode as most Wi-Fi routers are very limited in their routing/feature sets.  (Haven't installed it yet, so cannot comment further.)

 

Because it is similar hardware to Domotz Pro (has dual Gig Ethernet), but includes hardware for VPN/encryption support, is there any chance the Domotz Pro ARM software agent can run on this box so I can avoid needing two boxes at the client?

 

I think that would be a great solution to having both Domotz Pro and a full VPN gateway into client/end-user sites.

 

Here is the product info:  https://netgate.com/products/sg-1000.html

 

Share this post


Link to post
Share on other sites
rgericke

I use my Synology for this, however in homes where a NAS or server Doesn't make sense this would be a great feature.

Share this post


Link to post
Share on other sites
SpivR

I would prefer having a Domotz software agent available for the SG-1000 to have a single box solution that is completely solid state.  The SG-1000, unlike the Domotz Pro, does not have a power button (good thing!) and has a metal enclosure (better for heat dissipation and ruggedness), and has some encryption hardware support.

 

I just had a client go "off the air" because someone fiddled with the Domotz and the power button got pressed.

 

I know that Domotz plans to eventually have new hardware to replace the Domotz Pro, but a software agent for the SG-1000 or similar could be done faster.  (I assume the hardware boxes are loss-leaders anyway and the strategy is "Domotz everywhere" like what they are doing with Luxul routers.)

Share this post


Link to post
Share on other sites
Silvio

Yes, in March we should have a new box with no power button (and 1U size).

 

Right, we are not so tied in selling our hardware and really willing to make our agent installed everywhere.

The problem with routers is that we need to make a partnership and work together with the maker. This is what we are doing with Luxul.

I believe in the future routers will be more and more like NAS, with the ability of installing applications there. Please note that we have quite few users that are running Domotz on a Synology routers. If only other makers had the same appproach.

Share this post


Link to post
Share on other sites

×
×
  • Create New...